fix: avoid 43-char pubkey mismatch when database pads it

.gitignore

@@ -1 +1,3 @@
+/.idea
 /.phpunit.cache
+.phpunit.result.cache

src/Hazelnut.php

@@ -265,7 +265,9 @@ private function validateRequest(array $get, array $post) :int {
     private function validateNut(?Nut $nut, ?string $key) :int {
         if ($nut == null) return NUT_INVALID;
         if ($nut->getCreatedTime() < strtotime('-'.$this->nutExpiry.' minutes')) return NUT_EXPIRED;
-        if ($key != null && $nut->getIdentity() != null && $key != $nut->getIdentity()) return NUT_MISMATCHING_ID;
+        if ($key != null && $nut->getIdentity() != null && $key != trim($nut->getIdentity())) {
+            return NUT_MISMATCHING_ID;
+        }
         return NUT_VALID;
     }
 

tests/core/CoreValidateNutTest.php

@@ -39,6 +39,24 @@ public function testValidNutWithDefinedKey() {
         $this->assertEquals(\Varden\Hazelnut\NUT_VALID, $result);
     }
 
+    public function testValidNutWithPaddedDefinedKey() {
+        /*
+         * Per https://www.grc.com/sqrl/details.htm: After its single trailing (“=”) equals sign
+         * is removed, the resulting 43-character string becomes the value for the sqrlkey parameter.
+         *
+         * Test for cases where the CHAR(44) pubkey includes a trailing space.
+         */
+        $nut = new \Varden\Hazelnut\Nut('sample');
+        $key = "k";
+        $nut
+            -> createdAt(time())
+            -> forIdentity("k ")
+            -> withTIF('0')
+            -> byIP('2001:db8::1');
+        $result = $this->method->invoke($this->hazelnut, $nut, $key);
+        $this->assertEquals(\Varden\Hazelnut\NUT_VALID, $result);
+    }
+
     public function testNullNut() {
         $result = $this->method->invoke($this->hazelnut, null, null);
         $this->assertEquals(\Varden\Hazelnut\NUT_INVALID, $result);